[Dshield] NAT: Secure?

Keith Bergen keith at keithbergen.com
Wed Aug 27 14:34:59 GMT 2003


Just to start off, a "NAT Firewall" is not a firewall. It is, 
however, a fairly good way for people to add some protection 
to their home network.

Basically, NAT is designed to allow multiple computers behind 
a single point to access the Internet etc. The outside world 
only "sees" the router, so it wouldn't see your valuable data 
on your home PC.

When a request for a port comes to the NAT router, let's say 
port 135, the NAT router either knows to forward it, or 
doesn't. If you haven't told it how to forward 135, it just 
goes away.

Hope this simple explanation from an even simpler individual 
helps.

I've logged all the connections that my router has "turned 
away" since april.
http://keithbergen.dyndns.org/cgi-bin/rlac.pl

Keith.


---- Original message ----
>Date: 27 Aug 2003 08:49:49 -0400
>From: Alan Frayer <afrayer at frayernet.com>  
>Subject: [Dshield] NAT: Secure?  
>To: list at dshield.org
>
>Please pardon the basic question, but I'm filling holes in my
>understanding of firewalls, and figure this is a good place 
to do so.
>
>How secure is NAT? One sees advertised dozens of inexpensive 
broadband
>routers with simple NAT firewalls (which isn't really a 
firewall, I
>know; the firewall is a side effect of the purpose of NAT), 
and I wonder
>if the public isn't being taken by depending on these 
devices.
>
>_____________________________________________________________
___________
>Alan Frayer,CNE,CNI,CIW CI,MCP,Net+ - afrayer at frayernet.com
>Seeking an IT Mgmt/Network Admin position in the Tampa Bay 
Region
>If you would like to discuss an opportunity with me, please 
e-mail.
>
>
>_______________________________________________
>list mailing list
>list at dshield.org
>To change your subscription options (or unsubscribe), see: 
http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list